Название: Zero-trust – An Introduction Автор: Tom Madsen Издательство: River Publishers Год: 2024 Страниц: 134 Язык: английский Формат: pdf (true) Размер: 10.2 MB
The book provides you with information on how to implement and manage a zero-trust architecture across these different layers of an infrastructure. It is an introduction to the overall purpose of zero-trust and the benefits that zero-trust can bring to an infrastructure, across many different technologies:
Zero-trust is not a product, but a way of thinking about design and architecture. Cisco and Microsoft are used as the technology vendors, but the steps and information are equally applicable to other technology vendors.
The aim of this book is to provide you with an introduction to the Zero Trust concept and provide you with information that you can use in your cybersecurity work, daily. Zero Trust as a concept in the cybersecurity industry is a new thing and it is poorly defined currently.
In this book, I will not try to nail down and define a firm definition of Zero Trust, as the concept is so new that there are as many opinions on Zero Trust, as there are people with an opinion on Zero Trust. One thing I am going to define though, is that Zerto Trust is not a product!!
Contrary to what many cybersecurity vendors are saying, buying a product does not implement Zero Trust in your infrastructure! A product can, and does help, implementing Zero Trust in your infrastructure. As I see it and remember my comment about the number of opinions on Zero Trust from earlier, Zero Trust is a way of thinking about security architecture. Using Zero Trust in designing an infrastructure, or a software application, contributes greatly to overall security of the application and infrastructure, but more on that during this book.
Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defences from static, network-based perimeters to focus on users, assets, and resources.
Below is a list of chapters and short descriptions of the content of the chapters:
• Chapter 1 – What is Zero Trust In this chapter I will elaborate on some of the benefits that using zero trust can bring to your company/organization
• Chapter 2 – How to Zero Trust This chapter will give you some tools and concepts to use in your zero-trust journey and cybersecurity career
• Chapter 3 – Zero Trust in the Network How to design a networking infrastructure to support zero trust and some advice on tooling to help maintain and develop the zero trust in networking.
• Chapter 4 – Zero Trust identity Identity management and validation is at the core of any zero-trust project. How do we use the various identities we all have in an infrastructure to zero-trust benefit?
• Chapter 5 – Cloud and Zero-trust Cloud computing can be a valuable tool for implementing a zero-trust network architecture, providing flexibility, scalability, and robust security features.
• Chapter 6 – Zero Trust in OT/ICS Environments OT environments are increasing their integration with IT environments, creating an ever increasing risk for compromise of the production systems in an organization. In this chapter I will extend the zero-trust concept into the OT/ICS environment and how that can benefit the security of the production systems.
• Chapter 7 – Zero-trust in 5G Private 5G is being implemented in many organizations, making the security of this implementation of the utmost importance. In this chapter I will outline a zero-trust strategy for private 5G deployments.
• Chapter 8 – Zero-trust Governance Without continued monitoring and maintenance, any zero-trust implementation will surely degrade over time. IN this chapter I will outline some of the monitoring that is needed to keep a zero-trust environment healthy and functioning as intended.
• Chapter 9 – Zero Trust, the next steps Zero Trust is still a concept in flux. In this chapter I will try to give some advice on how-to maintain and develop an infrastructure with a zero-trust mindset.